madabdul82
asked on
Can I configure this PIX 515E without failover? Also, why the ip assignment problem?
We have acquired a
"PIX 515E FO-AA BUN-sw Act/ac Tfo License Vac+ 6fe"
firewall and I am having trouble configuring it as a primary. Is it even possible to configure it as the primary (and ultimately the only) firewall?
The difficulties I'm having seem to revolve around my inability to assign the inside interface an IP address. Using the CLI, I go into configure mode for the interface and give it "ip address 192.168.1.1 255.255.255.0 inside" and the command completes with no errors reported yet when I "show interface", it reports the inside interface as having no IP address assigned.
BTW, if I use the CLI to "configure factory-default" then "show interface", it does assign the inside interface an IP and I'm able to use ASDM successfully which is very strange to me. Despite using "write memory" to save that working configuration to the flash, rebooting the firewall reloads a non functioning config giving me the same problem I described above.
Even running the "setup" command and assigning the IP address that way fails to actually assign it. The ONLY way I can get it to work is through loading the factory-defaults.
Your help is GREATLY appreciated!
"PIX 515E FO-AA BUN-sw Act/ac Tfo License Vac+ 6fe"
firewall and I am having trouble configuring it as a primary. Is it even possible to configure it as the primary (and ultimately the only) firewall?
The difficulties I'm having seem to revolve around my inability to assign the inside interface an IP address. Using the CLI, I go into configure mode for the interface and give it "ip address 192.168.1.1 255.255.255.0 inside" and the command completes with no errors reported yet when I "show interface", it reports the inside interface as having no IP address assigned.
BTW, if I use the CLI to "configure factory-default" then "show interface", it does assign the inside interface an IP and I'm able to use ASDM successfully which is very strange to me. Despite using "write memory" to save that working configuration to the flash, rebooting the firewall reloads a non functioning config giving me the same problem I described above.
Even running the "setup" command and assigning the IP address that way fails to actually assign it. The ONLY way I can get it to work is through loading the factory-defaults.
Your help is GREATLY appreciated!
A PIX with a failover license will not work by itself - the failover license is the cheapest one to get, because it is only used for the 2nd PIX in a failover pair - the primary uses an unrestricted license (most costly) and the secondary can run on an FO license.
You will need to but at least a restricted license to run your PIX.
You will need to but at least a restricted license to run your PIX.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for the concise answer, stressedout2004! Basically its fooling the PIX into thinking it's counterpart is malfunctioning...but the joke is really on me.
I will be acquiring the correct licensing for this PIX to run as a primary and I very much appreciate both you and the administrator cautioning me on that.
Thanks again!
I will be acquiring the correct licensing for this PIX to run as a primary and I very much appreciate both you and the administrator cautioning me on that.
Thanks again!
I'm pleased you took the comment the way it was meant and you have the information you need.
regards
keith
regards
keith
We tried setting up a pix with a failover license as a stand alone. We got the ip address to take but without its partner in crime it will not ARP.
RDC
Fishnet Security